[jboss-user] [Security & JAAS/JBoss] - Re: need advice
kosl
do-not-reply at jboss.com
Wed Sep 13 16:30:54 EDT 2006
Well, I think it needs integrating since the results of authentication done by securityfilter must be "caught" by JBoss web layer and ejb layer. I tried to describe my problems http://www.jboss.com/index.html?module=bb&op=viewtopic&t=90372.
but I got no answer.
I guess the problem lies in this method:
| public Principal authenticate(String username, String password) {
| try {
| SubjectSecurityManager subSecMgr = getSecurityManager();
| SimplePrincipal p = new SimplePrincipal(username);
| char[] pChars = password.toCharArray();
| if (subSecMgr.isValid(p, pChars)) {
| SecurityAssociation.setPrincipal(p);
| SecurityAssociation.setCredential(pChars);
| return p;
| }
| } catch (Exception e) {
| log.debug(e);
| }
| return null;
| }
|
SecurityAssociation is not in the API and since this code is quite old I guess it simply doesn't work any more with the new version of JBoss.
Thank you very much for your help so far ;-)
k.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3971390#3971390
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3971390
More information about the jboss-user
mailing list